Scott Nelson wrote:

d*b --- s

where: d = stamp delay in seconds
      s = spam size in bytes
      b = bandwidth in bytes per second

I don't understand this equation at all.

It's the rate limiting factor that counts, not a combination of
stamp speed + bandwidth.

well, stamp speed is method of rate limiting. This equation/formula gives you the ratio of performance degradation. So,

Given d=15, b=49152 (aka 384kbps) and s=1000

the slowdown ratio or factor is 737.28 times over what an unimpeded spammer can send. But as you increase spam size, the slowdown factor declines.

Assuming 128Kbps up, without a stamp it takes about .6 seconds to
send a typical 10K spam.

If it takes 15 seconds to generate the stamp, then it will take
15 seconds to send a stamped spam.  It won't even take 15.6 seconds,
because the calculation can be done in parallel with the sending.

actually, it would take 15 but only because you can be sending one stamped piece of spam at the same time as you're generating the next stamp. But using your spam size, , the slowdown factor becomes roughly 73 times. So they would need 73 machines running full tilt all the time to regain their old throughput. It's entirely possible that one evolutionary response to stamps would be to generate larger pieces of spam but that would also slow them down so we still win, kind of, sort of...

assuming unlimited bandwidth, if a stamp spammer compromises roughly the same number of PCs as were compromised during the last worm attack (350,000) at 15 seconds per stamp, you end up with 1.4 million stamps per minute or 2 billion stamps per day. When you compare that to the amount of spam generated per day (high hundred billion to low trillion),

Not according to the best estimates I have.
The average email address receives 20-30 spams a day (almost twice what it was last year) and there are only 200-400 million email addresses, which works out to less than 10 billion spams per day.

actually, I'm hearing that there are roughly one billion addresses but unfortunately have lost the source. The numbers for spam I'm hearing are on the order of 76 billion to 2 trillion
2 tril spams /day
76 bil

If you have a better source (and I am sure there are some), I would like to hear it.

But there's a much easier way to do the math.

If 1% of the machines on the internet are compromised,
and a stamp takes 15 seconds to generate, then spammers can send
50-60 spams to each person.

(86400 seconds per day / 15 seconds per stamp * 1% of everybody = 57.6)

unfortunately, I think you making some assumptions that are not fully warranted. I will try to do some research and figure out the number of machines compromised. The best No. I had seen to date was about 350,000.

You can reduce that by factoring in the average amount of time
that a compromised machine is on per day.

I fully expect that stamps will rise in "price" to several minutes, if camram actually gets any traction.

well, that might be the case but I must have a who cares attitude about that. For the most part I rarely send mail to strangers and the stamp generation process is in background. So if it take several minutes to queue up and send a piece of mail a few times a month. What's the problem? (yes, I know I'm being cavalier)

Custom hardware?
I can buy a network ready PC at Fry's for $199.

If it takes that machine 30 seconds to generate a stamp, and I leave
it running 24/7, and replace it after 5 months, then the cost
of a hashstamp is still less than 1/500 of a snail-mail stamp.
Granted it's a significant increase in costs over current email,
and therefore potentially a vast improvement, but it's still not expensive.

wrong unit of costs. The stamps still take 15 seconds (give or take) which means approximately 5760 stamps per day. Hardware acceleration is an attack against stamps by using dedicated hardware to shrink the cost in time of a given size stamp. so, if and evil someone can build an ASIC to shrink the cost of a stamped by 100 times, then mercenary somebody else can build the same functionality and performance as well. Plop it onto a USB interface chip, sell for $15 and balance is restored


Speech recognition in use.  Incorrect endings, words, and case is
closer than it appears

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to